NetworkPkg/IScsiDxe/IScsiCHAP.h

   1 /** @file
   2   The header file of CHAP configuration.
   3
   4 Copyright (c) 2004 - 2018, Intel Corporation. All rights reserved.<BR>
   5 SPDX-License-Identifier: BSD-2-Clause-Patent
   6
   7 **/
   8
   9 #ifndef _ISCSI_CHAP_H_
  10 #define _ISCSI_CHAP_H_
  11
  12 #define ISCSI_AUTH_METHOD_CHAP                    "CHAP"
  13
  14 #define ISCSI_KEY_CHAP_ALGORITHM                  "CHAP_A"
  15 #define ISCSI_KEY_CHAP_IDENTIFIER                 "CHAP_I"
  16 #define ISCSI_KEY_CHAP_CHALLENGE                  "CHAP_C"
  17 #define ISCSI_KEY_CHAP_NAME                       "CHAP_N"
  18 #define ISCSI_KEY_CHAP_RESPONSE                   "CHAP_R"
  19
  20 #define ISCSI_CHAP_ALGORITHM_MD5                  5
  21
  22 ///
  23 /// MD5_HASHSIZE
  24 ///
  25 #define ISCSI_CHAP_RSP_LEN                        16
  26
  27 #define ISCSI_CHAP_STEP_ONE                       1
  28 #define ISCSI_CHAP_STEP_TWO                       2
  29 #define ISCSI_CHAP_STEP_THREE                     3
  30 #define ISCSI_CHAP_STEP_FOUR                      4
  31
  32
  33 #pragma pack(1)
  34
  35 typedef struct _ISCSI_CHAP_AUTH_CONFIG_NVDATA {
  36   UINT8 CHAPType;
  37   CHAR8 CHAPName[ISCSI_CHAP_NAME_STORAGE];
  38   CHAR8 CHAPSecret[ISCSI_CHAP_SECRET_STORAGE];
  39   CHAR8 ReverseCHAPName[ISCSI_CHAP_NAME_STORAGE];
  40   CHAR8 ReverseCHAPSecret[ISCSI_CHAP_SECRET_STORAGE];
  41 } ISCSI_CHAP_AUTH_CONFIG_NVDATA;
  42
  43 #pragma pack()
  44
  45 ///
  46 /// ISCSI CHAP Authentication Data
  47 ///
  48 typedef struct _ISCSI_CHAP_AUTH_DATA {
  49   ISCSI_CHAP_AUTH_CONFIG_NVDATA *AuthConfig;
  50   UINT32                        InIdentifier;
  51   UINT8                         InChallenge[1024];
  52   UINT32                        InChallengeLength;
  53   //
  54   // Calculated CHAP Response (CHAP_R) value.
  55   //
  56   UINT8                         CHAPResponse[ISCSI_CHAP_RSP_LEN];
  57
  58   //
  59   // Auth-data to be sent out for mutual authentication.
  60   //
  61   // While the challenge size is technically independent of the hashing
  62   // algorithm, it is good practice to avoid hashing *fewer bytes* than the
  63   // digest size. In other words, it's good practice to feed *at least as many
  64   // bytes* to the hashing algorithm as the hashing algorithm will output.
  65   //
  66   UINT32                        OutIdentifier;
  67   UINT8                         OutChallenge[ISCSI_CHAP_RSP_LEN];
  68 } ISCSI_CHAP_AUTH_DATA;
  69
  70 /**
  71   This function checks the received iSCSI Login Response during the security
  72   negotiation stage.
  73
  74   @param[in] Conn             The iSCSI connection.
  75
  76   @retval EFI_SUCCESS          The Login Response passed the CHAP validation.
  77   @retval EFI_OUT_OF_RESOURCES Failed to allocate memory.
  78   @retval EFI_PROTOCOL_ERROR   Some kind of protocol error occurred.
  79   @retval Others               Other errors as indicated.
  80
  81 **/
  82 EFI_STATUS
  83 IScsiCHAPOnRspReceived (
  84   IN ISCSI_CONNECTION  *Conn
  85   );
  86 /**
  87   This function fills the CHAP authentication information into the login PDU
  88   during the security negotiation stage in the iSCSI connection login.
  89
  90   @param[in]       Conn        The iSCSI connection.
  91   @param[in, out]  Pdu         The PDU to send out.
  92
  93   @retval EFI_SUCCESS           All check passed and the phase-related CHAP
  94                                 authentication info is filled into the iSCSI
  95                                 PDU.
  96   @retval EFI_OUT_OF_RESOURCES  Failed to allocate memory.
  97   @retval EFI_PROTOCOL_ERROR    Some kind of protocol error occurred.
  98
  99 **/
 100 EFI_STATUS
 101 IScsiCHAPToSendReq (
 102   IN      ISCSI_CONNECTION  *Conn,
 103   IN OUT  NET_BUF           *Pdu
 104   );
 105
 106 #endif